Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/SL9gMkOuOhoJhvv2knJHT0fxw-s.roa
File: SL9gMkOuOhoJhvv2knJHT0fxw-s.roa (raw, json)
Hash identifier: ByohOzL3FppMqc8eD2QjJ5maXX2da2kLUKvgv52MTlA=
Subject key identifier: 48:BF:60:32:43:AE:3A:1A:09:86:FB:F6:92:72:47:4F:47:F1:C3:EB
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191BCF2510E8CC023AE7A2C336EE3B37AEB
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/SL9gMkOuOhoJhvv2knJHT0fxw-s.roa
Signing time: Wed 04 Sep 2024 12:11:22 +0000
ROA not before: Wed 04 Sep 2024 12:11:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bc:f2:51:0e:8c:c0:23:ae:7a:2c:33:6e:e3:b3:7a:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 4 12:11:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=48bf603243ae3a1a0986fbf69272474f47f1c3eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b9:76:d9:02:1b:ca:49:d2:e9:b4:95:2c:e3:
00:48:54:08:dc:f7:e4:c3:c8:46:73:77:62:34:34:
f7:2c:05:de:da:6f:13:31:eb:63:bd:8c:7d:cc:c9:
2b:ae:6d:73:fc:67:a1:3d:ab:3f:26:36:49:d5:37:
d7:8a:8a:f5:9d:f5:30:5e:de:ee:d1:fa:2f:5d:04:
36:c3:12:bf:d7:ae:29:a8:2a:c8:b7:47:b1:f8:47:
ef:b4:9f:91:f0:ac:f6:99:4f:ab:0f:a3:8d:80:45:
df:be:3f:b5:04:fb:c7:4b:0e:17:d5:29:29:69:71:
11:5f:84:c1:2d:28:86:5a:52:eb:22:f4:94:19:dc:
af:c8:1e:28:40:29:b9:27:72:f8:1e:82:98:81:79:
d7:25:ce:1b:8d:a9:31:a8:26:e1:d4:b3:8d:7b:e3:
2a:e7:34:f9:fe:7c:d0:0a:27:cd:67:8a:a7:5f:e4:
ec:8f:f7:c4:e0:17:75:9e:0f:47:23:4e:1f:6a:29:
9c:45:14:89:1f:86:e4:01:24:05:fb:86:ba:0c:bc:
25:c9:cd:d8:36:2b:e9:3f:48:01:2d:cf:3a:d0:ea:
f6:b2:bd:75:b4:e3:40:18:19:04:80:8f:87:26:6a:
4f:e5:80:41:fb:c4:37:ae:bc:c2:73:ac:db:8b:4f:
5f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:BF:60:32:43:AE:3A:1A:09:86:FB:F6:92:72:47:4F:47:F1:C3:EB
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/SL9gMkOuOhoJhvv2knJHT0fxw-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
20:de:de:f7:f6:e8:5a:1a:6b:a6:39:90:0e:c2:3a:d7:62:b0:
af:de:37:db:e3:2f:99:7c:f3:dc:42:d2:64:ee:46:84:a8:72:
76:43:b9:7e:13:a8:3f:82:54:68:8e:d0:ec:94:af:8f:8a:8f:
79:40:76:cb:fc:6f:27:c9:2f:e0:6d:1c:7f:40:8a:2b:83:3f:
06:25:12:97:be:e5:5b:8c:e6:5b:bf:b0:d4:23:70:ab:96:e0:
d6:31:54:6f:00:fb:42:b0:06:11:47:40:a5:f8:4d:74:af:12:
68:a3:b3:40:0d:df:02:50:ec:ae:96:59:71:4e:1e:63:ee:56:
26:83:b9:47:37:1f:9a:7a:c1:5f:bd:bb:0e:0c:32:71:cd:c1:
b5:25:a2:1b:c5:6c:9e:65:f6:18:b4:26:2d:21:f5:43:88:ae:
85:5d:e9:71:d3:83:2d:fb:4f:4a:bd:e7:11:08:b7:72:ca:8f:
7f:91:cc:7e:43:5c:75:1e:7d:4a:18:45:77:61:9e:24:81:96:
5d:5b:4e:f9:e7:49:3b:a4:f1:54:17:fc:3a:1c:25:51:e3:29:
4b:1d:cf:50:62:6d:ac:b6:44:88:5f:21:a2:44:d0:82:40:cb:
e3:d2:62:f4:18:fc:c5:ff:15:07:19:fd:84:db:cc:81:3a:ef:
8b:f4:60:20
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZG88lEOjMAjrnosM27js3rrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA0MTIxMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGJmNjAzMjQzYWUzYTFhMDk4NmZiZjY5MjcyNDc0ZjQ3ZjFjM2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7l22QIbyknS6bSVLOMASFQI3Pfk
w8hGc3diNDT3LAXe2m8TMetjvYx9zMkrrm1z/GehPas/JjZJ1TfXior1nfUwXt7u
0fovXQQ2wxK/164pqCrIt0ex+EfvtJ+R8Kz2mU+rD6ONgEXfvj+1BPvHSw4X1Skp
aXERX4TBLSiGWlLrIvSUGdyvyB4oQCm5J3L4HoKYgXnXJc4bjakxqCbh1LONe+Mq
5zT5/nzQCifNZ4qnX+Tsj/fE4Bd1ng9HI04faimcRRSJH4bkASQF+4a6DLwlyc3Y
NivpP0gBLc860Or2sr11tONAGBkEgI+HJmpP5YBB+8Q3rrzCc6zbi09fjQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFEi/YDJDrjoaCYb79pJyR09H8cPrMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvU0w5Z01rT3VPaG9KaHZ2MmtuSkhUMGZ4dy1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAIN7e9/boWhprpjmQDsI612Kw
r9432+MvmXzz3ELSZO5GhKhydkO5fhOoP4JUaI7Q7JSvj4qPeUB2y/xvJ8kv4G0c
f0CKK4M/BiUSl77lW4zmW7+w1CNwq5bg1jFUbwD7QrAGEUdApfhNdK8SaKOzQA3f
AlDsrpZZcU4eY+5WJoO5RzcfmnrBX727Dgwycc3BtSWiG8VsnmX2GLQmLSH1Q4iu
hV3pcdODLftPSr3nEQi3csqPf5HMfkNcdR59ShhFd2GeJIGWXVtO+edJO6TxVBf8
OhwlUeMpSx3PUGJtrLZEiF8hokTQgkDL49Ji9Bj8xf8VBxn9hNvMgTrvi/RgIA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:25:57 2025 by rpki-client